Re: Clang 3.3 Analyzer Results

On Mon, Nov 11, 2013 at 5:29 PM, Peter Geoghegan <pg(at)heroku(dot)com> wrote:
> On Mon, Nov 11, 2013 at 2:18 PM, Kevin Grittner <kgrittn(at)ymail(dot)com> wrote:
>> I'm currently capturing a text version of all the warnings from
>> this. Will gzip and post when it finishes. It's generating a lot
>> of warnings; I have no idea how many are PostgreSQL problems and
>> how many are false positives; will just post the whole set FWIW. I
>> am using the 3.4 development nightly snapshot with these commands:
>
> When I tried out scan-build a while ago, the results were kind of
> disappointing - there were lots of false positives. Clearly the tool
> was inferior to Coverity at that time. I'd be interested to see if
> there has been much improvement since.
I think you are right. Coverity is a very nice tool, and Clang has
some growing to do. For example, the Clang analyzer does not
[currently] do inter-translation unit analysis. So the following will
cause a false alarm:

// test-1.c
int n;
IntializeN(&n);
DoSomethingWithN(n);

// test-2.c
IntializeN(int* n) { if(n) {*n = 5;} }

On the other hand, its easy to accommodate the analyzer because (1)
programmers are smart, and (2) analyzers are dumb. So the following
would be an easy work around to reduce the noise:

int n = 0;
IntializeN(&n);

If the assignment is extraneous, then the optimizer will remove it and
there's no performance penalty. So its no big deal and it cuts down on
the time wasted on the false positives.

Otherwise, you get into a scenario where the tool is not used. That's
a shame since we know some of its findings are legitimate.

In the end, I don't think its wise to throw the baby out with the bath
water. Learn to work with the tools, becuase the code and users will
benefit.

Jeff